Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

SYO-601 > Random > Flashcards

Random Flashcards

(49 cards)

Start Studying
1
Q

A web architect would like to move a company’s website presence to the cloud. One of the management team’s key concerns is resiliency in case a cloud provider’s data center or network connection goes down. Which of the following should the web architect consider to address this concern?

A. Containers
B. Virtual Private Cloud
C. Segmentation
D. Availability Zone

A

Availability Zone

Availability zones are the most appropriate cloud feature to address the concern of resiliency in case a cloud provider’s data center or network connection goes down.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following describes where an attacker can purchase DDoS or ransomware services?

A. Threat Intelligence
B. Open Source Intelligence
C. Vulnerability Database
D. Dark Web

A

Dark Web

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A security administrator is managing administrative access to sensitive systems with the following requirements:

  • Common login accounts must not be used for administrative duties.
  • Administrative accounts must be temporal in nature.
  • Each administrative account must be assigned to one specific user.
  • Accounts must have complex passwords.

” Audit trails and logging must be enabled on all systems.

A. ABAC
B. SAML
C. PAM
D. CASB

A

PAM

PAM is a solution that enables organizations to securely manage users’ accounts and access to sensitive systems. It allows administrators to create unique and complex passwords for each user, as well as assign each account to a single user for administrative duties.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Company XYZ has been implementing Microsoft Office Communications Server 2007 R2 servers, unified communications clients, and unified communications applications.

They are now conducting the transition from solution to support. This project phase is referred to as?

A. Release
B. Operation
C. Retirement
D. Deployment

A

Operation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Technology Solutions Center is a reputable high achieving software development company. The company attributes her success in following strict SDLC.

After successfully carrying out requirement gathering and analysis and design, what other phases should follow in order?

A. Coding and Implementation, Testing, Deployment, Maintenance
B. Staging, Development, Test and Production environments
C. Test, Development, Staging and Production environments
D. Deployment, Coding and Implementation, Testing, Production environments

A

Coding and Implementation, Testing, Deployment, Maintenance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Disaster recovery testing involves simulating an IT failure or any other type of business disruption to assess a DR plan. The following are methods of testing a DRP except?

A. Checklist Testing
B. Parallel Testing
C. Simulation Testing
D. Emulation Testing

A

Emulation Testing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

An MX record in DNS can help mitigate what type of Malware?

A. Rootkit
B. Bot
C. Phishing and Spear Phishing
D. Adware

A

Phishing and Spear Phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Organizations has robust incidence response strategy. The following are steps one would normally take after a cybersecurity incident has occurred.

In what order would you apply them?

A. Identification, Triage and analysis, Containment, Post-incident activity
B. Identification, Containment, Triage and analysis, Post-incident activity
C. Triage and analysis, Identification, Containment, Post-incident activity
D. Identification, Containment, Post-incident activity, Triage and analysis

A

Identification, Triage and analysis, Containment, Post-incident activity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Diffrence between Hypervisor I and Hypervisor II

A)Hypervisor I(Bare Metal) easy to manage and is flexible/ Hypervisor II(Application) offers more security.

B)Hypervisor II(Applications)easy to manage and is flexible/ Hypervisor I(Bare Metal) offers more security

A

B)Hypervisor II(Applications)easy to manage and is flexible/ Hypervisor I(Bare Metal) offers more security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following attacks would be rendered ineffective by the use of Salting?

A. Hash
B. Brute Force
C. Dictionary Attack
D.Rainbow Table

A

Rainbow Tables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What type of malware is adware typically classified as?

A. DOG
B. Backdoor
C. PUP
D. Rootkit

A

B. Backdoor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Nancy is concerned that there is a software keylogger on the system she is investigating. What data may have been stolen?

A. All files on the system
B. All keyboard input
C. All files the user access while the
keylogger was active
D, Keyboard and other input from the user

A

keyboard and other input from the user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which of the following would a security specialist be able to determine upon examination of a server’s certificate?

A. CA public key
B. Server private key
C. CSR
D. OID

A

D. OID

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A security engineer is configuring a system that requires the X.509 certificate information to be pasted into a form field in Base64 encoded format to import it into the system. Which of the following certificate formats should the engineer use to obtain the information in the required format?

A. PFX
B. PEM
C. DER
D. CER

A

PEM

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Answer which port is which?

FTP
Telnat
SMTP
SNMP
SCP
TFTP

A

21
23
25
161
22
69

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Put theses is order
SWAP, RAM, Cache Hard Drive

A

Cache, RAM, SWAP, Hard Drive

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Choose two.)

A. Rainbow table attacks greatly reduce compute cycles at attack time.
B. Rainbow tables must include precomputed hashes.
C. Rainbow table attacks do not require access to hashed passwords.
D. Rainbow table attacks must be performed on the network.
E. Rainbow table attacks bypass maximum failed login restrictions.

Study These Flashcards
A

B. Rainbow tables must include precomputed hashes.

E. Rainbow table attacks bypass maximum failed login restrictions.

21
Q

A security analyst wishes to increase the security of an FTP server. Currently, all traffic to the FTP server is unencrypted. Users connecting to the FTP server use a variety of modern FTP client software.
The security analyst wants to keep the same port and protocol, while also still allowing unencrypted connections. Which of the following would BEST accomplish these goals?

A. Require the SFTP protocol to connect to the file server.
B. Use implicit TLS on the FTP server.
C. Use explicit FTPS for connections.
D. Use SSH tunneling to encrypt the FTP traffic.

Study These Flashcards
A

C. Use explicit FTPS for connections.

22
Q

An organization has determined it can tolerate a maximum of three hours of downtime. Which of the following has been specified?

A. RTO
B. RPO
C. MTBF
D. MTTR

23
Q

Users report the following message appears when browsing to the company’s secure site: This website cannot be trusted. Which of the following actions should a security analyst take to resolve these messages? (Choose two.)

A. Verify the certificate has not expired on the server.
B. Ensure the certificate has a .pfx extension on the server.
C. Update the root certificate into the client computer certificate store.
D. Install the updated private key on the web server.
E. Have users clear their browsing history and relaunch the session.

Study These Flashcards
A

A. Verify the certificate has not expired on the server.

C. Update the root certificate into the client computer certificate store.

24
Q

Which of the following can be provided to an AAA system for the identification phase?

A. Username
B. Permissions
C. One-time token
D. Private certificate

25
Malicious traffic from an internal network has been detected on an unauthorized port on an application server. Which of the following network-based security controls should the engineer consider implementing? A. NAT B. HIPS C. ACLs D. MAC filtering
C. ACLs HIPS would normally sit on the edge of the network, between internal and external. The questions clearly states internal, which would justify ACLS.
26
Which of the following encryption methods does PKI typically use to securely protect keys? A. Elliptic curve B. Digital signatures C. Asymmetric D. Obfuscation
C. Asymmetric
27
As part of a new industry regulation, companies are required to utilize secure, standardized OS settings. A technical must ensure the OS settings are hardened. Which of the following is the BEST way to do this? A. Use a vulnerability scanner. B. Use a configuration compliance scanner. C. Use a passive, in-line scanner. D. Use a protocol analyzer.
B. Use a configuration compliance scanner.
28
A user has attempted to access data at a higher classification level than the user's account is currently authorized to access. Which of the following access control models has been applied to this user's account? A. ABAC B. DAC C. RBAC D. MAC
D. MAC
29
An attacker compromises a public CA and issues unauthorized X.509 certificates for Company.com. In the future, Company.com wants to mitigate the impact of similar incidents. Which of the following would assist Company.com with its goal? A. Certificate pinning B. Certificate stapling C. Certificate chaining D. Certificate with extended validation
A. Certificate pinning
30
A network administrator at a small office wants to simplify the configuration of mobile clients connecting to an encrypted wireless network. Which of the following should be implemented in the administrator does not want to provide the wireless password or he certificate to the employees?( Also is not a secure way to connect to a system.) A. WPS B. 802.1x C. WPA2-PSK D. TKIP
A. WPS
31
A company's user lockout policy is enabled after five unsuccessful login attempts. The help desk notices a user is repeatedly locked out over the course of a workweek. Upon contacting the user, the help desk discovers the user is on vacation and does not have network access. Which of the following types of attacks are MOST likely occurring? (Select two.) A. Replay B. Rainbow tables C. Brute force D. Pass the hash E. Dictionary
C. Brute force E. Dictionary
32
An organization wishes to provide better security for its name resolution services. Which of the following technologies BEST supports the deployment of DNSSEC at the organization? A. LDAP B. TPM C. TLS D. SSL E. PKI
C. TLS My trick, every time I see esc or s at the end, it is TLS --as in FTPS which is FTP over TLS. in this case DNS over TLS.
32
A security analyst is hardening an authentication server. One of the primary requirements is to ensure there is mutual authentication and delegation. Given these requirements, which of the following technologies should the analyst recommend and configure? A. LDAP services B. Kerberos services C. NTLM services D. CHAP services
B. Kerberos services Only Kerberos that can do Mutual Auth and Delegation.
32
After a user reports stow computer performance, a systems administrator detects a suspicious file, which was installed as part of a freeware software package. The systems administrator reviews the output below: Based on the above information, which of the following types of malware was installed on the user's computer? A. RAT B. Keylogger C. Spyware D. Worm E. Bot
A. RAT
33
Which of the following network vulnerability scan indicators BEST validates a successful, active scan? A. The scan job is scheduled to run during off-peak hours. B. The scan output lists SQL injection attack vectors. C. The scan data identifies the use of privileged-user credentials. D. The scan results identify the hostname and IP address.
B. The scan output lists SQL injection attack vectors. B is the correct answer because it recognizes an attack vectors. As we know that transmissions are dispatched by active scanners to network's nodes, and via investigating the responses in order to indicate that whether a exclusive node holds a weak point in the network or not.
34
An analyst wants to implement a more secure wireless authentication for office access points. Which of the following technologies allows for encrypted authentication of wireless clients over TLS? A. PEAP B. EAP C. WPA2 D. RADIUS
A. PEAP
35
WPA2 is among? A. Wireless Cryptographic Protocols B. Wireless Authentication Protocols C. Remote Access Connection and Authentication Service D. authentication framework
A. Wireless Cryptographic Protocols
35
EAP is among? A. Wireless Cryptographic Protocols B. Wireless Authentication Protocols C. Remote Access Connection and Authentication Service D. Authentication framework
D. Authentication framework
36
PEAP is among? A. Wireless Cryptographic Protocols B. Wireless Authentication Protocols C. Remote Access Connection and Authentication Service D. Authentication framework
B. Wireless Authentication Protocols
36
RADIUS is among? A. Wireless Cryptographic Protocols B. Wireless Authentication Protocols C. Remote Access Connection and Authentication Service D. authentication framework
C. Remote Access Connection and Authentication Service
37
A company has three divisions, each with its own networks and services. The company decides to make its secure web portal accessible to all employees utilizing their existing usernames and passwords. The security administrator has elected to use SAML to support authentication. In this scenario, which of the following will occur when users try to authenticate to the portal? (Choose two.) A. The portal will function as a service provider and request an authentication assertion. B. The portal will function as an identity provider and issue an authentication assertion. C. The portal will request an authentication ticket from each network that is transitively trusted. D. The back-end networks will function as an identity provider and issue an authentication assertion. E. The back-end networks will request authentication tickets from the portal, which will act as the third-party service provider authentication store. F. The back-end networks will verify the assertion token issued by the portal functioning as the identity provider.
C. The portal will request an authentication ticket from each network that is transitively trusted. D. The back-end networks will function as an identity provider and issue an authentication assertion.
38
A system administrator wants to provide balance between the security of a wireless network and usability. The administrator is concerned with wireless encryption compatibility of older devices used by some employees. Which of the following would provide strong security and backward compatibility when accessing the wireless network? A. Open wireless network and SSL VPN B. WPA using a preshared key C. WPA2 using a RADIUS back-end for 802.1x authentication D. WEP with a 40-bit key
B. WPA using a preshared key
39
An information security specialist is reviewing the following output from a Linux server. Based on the above information, which of the following types of malware was installed on the server? A. Logic Bomb B. RAT C. Trojan D. XSS Scripting
A. Logic Bomb if you see "if" , it is logic bomb
40
Which of the following would MOST likely appear in an uncredentialed vulnerability scan? A. Self-signed certificates B. Missing patches C. Auditing parameters D. Inactive local accounts
D. Inactive local accounts
41
When considering a third-party cloud service provider, which of the following criteria would be the BEST to include in the security assessment process? (Choose two.) A. Use of performance analytics B. Adherence to regulatory compliance C. Data retention policies D. Size of the corporation E. Breadth of applications support
B. Adherence to regulatory compliance C. Data retention policies
42
Which of the following occurs when the security of a web application relies on JavaScript for input validation? A. The integrity of the data is at risk. B. The security of the application relies on antivirus. C. A host-based firewall is required. D. The application is vulnerable to race conditions.
A. The integrity of the data is at risk.
43
An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code: Which of the following vulnerabilities is present? A. Bad memory pointer B. Buffer overflow C. Integer overflow D. Backdoor
B. Buffer overflow B Because (strcpy) is an indicator of Buffer overflow
44
A wireless network uses a RADIUS server that is connected to an authenticator, which in turn connects to a supplicant. Which of the following represents the authentication architecture in use? A. Open systems authentication B. Captive portal C. RADIUS federation D. 802.1x
D. 802.1x
45
A manager wants to distribute a report to several other managers within the company. Some of them reside in remote locations that are not connected to the domain but have a local server. Because there is sensitive data within the report and the size of the report is beyond the limit of the email attachment size, emailing the report is not an option. Which of the following protocols should be implemented to distribute the report securely? (Choose three.) A. S/MIME B. SSH C. SNMPv3 D. FTPS E. SRTP F. HTTPS G. LDAPS
B. SSH D. FTPS F. HTTPS

SYO-601 (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions